Forms Authentication - Level Extreme

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Forms Authentication

Message

23/09/2004 12:32:01

Victor Campos
Rowland Heights, Californie, États-Unis

Tous

Information générale

Forum:

ASP.NET

Catégorie:

Autre

Titre:

Forms Authentication

Divers

Thread ID:

00945427

Message ID:

00945427

Vues:

Here's the scenario:

A user visits my secure site - because the site is secure they will be redirected to login.aspx - once they login they can navigate the site without any problems. They leave and come back without a problem.

However, if they bookmark a secure page and visit the site another time by going directly to the secure page they get redirected to the login.aspx page as it should since the site is secure.

However, when they login they cought getting redirected back to the login page over and over in an endless loop. The only way to get out is to close the browser and visit the site by hitting the home page which will redirect to the login.aspx page.

We can't recreate this problem on our machines running WinXP (not XP2), we can't even recreate this problem in our development server running Win2000 Server SP3, but it does occur on our production servers running Win2000 Advance Server, Load Balance, with Session State on SQL Server (all machines run session state on SQL - including development machines, development servers and production servers.).

Here's the Exception information we get during the Application_AuthenticationRequest Method:

1) Exception Information
*********************************************
Exception Type: System.Security.Cryptography.CryptographicException
Message: Bad Data.

TargetSite: Byte[] _DecryptData(IntPtr, Byte[], Int32, Int32, Boolean)
HelpLink: NULL
Source: mscorlib

StackTrace Information
*********************************************
at System.Security.Cryptography.CryptoAPITransform._DecryptData(IntPtr
hKey, Byte[] rgb, Int32 ib, Int32 cb, Boolean fDone)
at
System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at System.Web.Configuration.MachineKey.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length)
at System.Web.Security.FormsAuthentication.Decrypt(String
encryptedTicket)
at CalChoice.Web.Global.Application_AuthenticateRequest(Object sender, EventArgs e)

-vic
My Personal Site

Répondre

Fil

Voir

Click here to load this message in the networking platform